US security firm Zscaler has warned users to not download Adult Player, an Android porn app, which offers free porn videos, but actually installs ‘ransomware’ that forces a phone or tablet to lock up until the victim agrees to pay $500 extortion money.

The app lures users by offering free x-rated pornographic videos. Before installation, the app asks for administrator access to the device which allows it to load malicious files and lock the users’ device once installed. Adult Player then uses the front-facing camera to take users’ photos, displays the photos on the screen along with a message demanding $500 to be paid via PayPal – to unlock the phone and decrypt the images – within 24 hours of receiving the payment. The app threatens to expose the users, share the photos with the phone’s contacts, reveal privacy information, or to completely wipe the device of all its contents, if they refuses to pay the ransom.

The warning screens say the device has been locked “for safety reasons” and claims to be a warning from the FBI for visiting “forbidden pornographic sites”. The message also lists the location, the operator and the version of the Android software running on the device.

The ransomware is designed to stay stagnant on screen and does not allow the victim to uninstall it. Even if the users try to shut down the device and restart it by pressing the on/off button, the ransom message will appear as soon as the device’s operating system has finished booting up, so it is impossible for the users to access Settings and try to uninstall the app.

2. Uninstalling ransomware from device requires you to first remove administrator privilege. To do the same, go to Settings –> Security –> Device Administrator and select ransomware app, then deactivate.

3. Once this is done, you can go to Settings –> Apps –> Uninstall ransomware app.